spring boot的GenericFilterBean,过滤器在客户端返回错误代码和响应头。

huangapple go评论105阅读模式
英文:

spring boot GenericFilterBean , filter return error code & response header at client side

问题

以下是翻译好的代码部分:

package com.vs.security.filter;

import org.springframework.stereotype.Component;
import org.springframework.web.filter.GenericFilterBean;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@Component
public class TokenFilter extends GenericFilterBean {

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {

        HttpServletRequest httpRequest = asHttp(servletRequest);
        HttpServletResponse httpResponse = asHttp(servletResponse);
        boolean explicitlyTrue = true;

        if (explicitlyTrue) {
            httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "提供的信息无效");
            httpResponse.addHeader("SC_UNAUTHORIZED", "提供的信息无效");

            return;
        }

        filterChain.doFilter(servletRequest, servletResponse);
    }

    private HttpServletRequest asHttp(ServletRequest request) {
        return (HttpServletRequest) request;
    }

    private HttpServletResponse asHttp(ServletResponse response) {
        return (HttpServletResponse) response;
    }
}
form() {
    debugger;
    this.$axios.get(this.$dbServer + this.endpoint + 'form')
      .then((res) => {
        debugger;
        this.fd = res.data.fd;
      }).catch(() => { this.notifyOnFailure(this.oopsMessage) })
}

如果你还有其他需要翻译的内容,请继续提供。

英文:

I have a filter

package com.vs.security.filter;

import org.springframework.stereotype.Component;
import org.springframework.web.filter.GenericFilterBean;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@Component
public class TokenFilter extends GenericFilterBean {

@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {

    HttpServletRequest httpRequest = asHttp(servletRequest);
    HttpServletResponse httpResponse = asHttp(servletResponse);
    boolean explicitlyTrue = true;

    if (explicitlyTrue) {
        httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Provided Information is Invalid");
        httpResponse.addHeader("SC_UNAUTHORIZED", "Provided Information is Invalid");

        return;
    }


    filterChain.doFilter(servletRequest, servletResponse);

}

private HttpServletRequest asHttp(ServletRequest request) {
    return (HttpServletRequest) request;
}

private HttpServletResponse asHttp(ServletResponse response) {
    return (HttpServletResponse) response;
}
}

My request on vuejs

form () {
    debugger
    this.$axios.get(this.$dbServer+this.endpoint+'form')
      .then((res) => {
        debugger
        this.fd = res.data.fd;
      }).catch(() => { this.notifyOnFailure(this.oopsMessage) })
  }

As I have sending SC_UNAUTHORIZED = 401, but on client side, I am unable to get this 401. I even see network tab on browser inspect (as follow). Further, I am also adding header. but unable to get this header value at client side.

Request URL: http://********:8081/*******/form
Referrer Policy: no-referrer-when-downgrade
Content-Type: application/json
Date: Sun, 15 Mar 2020 06:29:00 GMT
Transfer-Encoding: chunked
Accept: application/json, text/plain, */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Connection: keep-alive
Host: localhost:8081
Origin: http://*******:8080
Referer: http://*******:8080/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) 
Chrome/80.0.3987.132 Safari/537.36

答案1

得分: 1

你必须交换sendErroraddHeader调用的顺序。

@Bean
GenericFilterBean genericFilterBean() {
    return new GenericFilterBean() {
        @Override
        public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
            HttpServletResponse resp = ((HttpServletResponse) response);
            resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Provided Information is Invalid");
            resp.addHeader("SC_UNAUTHORIZED", "Provided Information is Invalid");
        }
    };
}

结果:

HTTP/1.1 401
SC_UNAUTHORIZED: Provided Information is Invalid
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Content-Length: 320
Date: Sun, 15 Mar 2020 06:47:10 GMT
Keep-Alive: timeout=60
Connection: keep-alive
英文:

You have to swap order of sendError and addHeader calls

 @Bean
    GenericFilterBean genericFilterBean() {
        return new GenericFilterBean() {
            @Override
            public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
                HttpServletResponse resp = ((HttpServletResponse) response);
                resp.addHeader("SC_UNAUTHORIZED", "Provided Information is Invalid");
                resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Provided Information is Invalid");
            }
        };
    }

And result:

HTTP/1.1 401
SC_UNAUTHORIZED: Provided Information is Invalid
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Content-Length: 320
Date: Sun, 15 Mar 2020 06:47:10 GMT
Keep-Alive: timeout=60
Connection: keep-alive

huangapple
  • 本文由 发表于 2020年3月15日 14:37:33
  • 转载请务必保留本文链接:https://go.coder-hub.com/60690359.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定